theoretical question - can root's username be changed?
Mike McCarty
mike.mccarty at sbcglobal.net
Fri Dec 2 20:14:55 UTC 2005
Scot L. Harris wrote:
> On Fri, 2005-12-02 at 14:17, Mike McCarty wrote:
>
>>Tim wrote:
>>
>>>On Fri, 2005-12-02 at 12:44 +0800, John Summerfied wrote:
>>>
>>>
>>>>A really big flaw in Unix design is the fact one user has the inherent
>>>>ability to do everything, the fact that the Unix security model is
>>>>built round this.
>>>
>>>
>>>A counterpoint to that, in the Windows world, is that you can have too
>>>many people able to do things that they shouldn't. They might think
>>>they need to do something special, they might want to do it, they might
>>>think they know what they're doing, but they're often wrong.
>>
>>The objection is not that there are not enough users who can
>>do things, but that there is one super duper user who can
>>do EVERYTHING AND ANYTHING. There is no finesse. Either
>>all or none. It might be useful to have someone who can
>>administer passwords, but not rm /etc/passwd, for example.
>>There is not enough resolution.
>
>
> You can configure sudoers to limit a user to specific commands that they
> can run as root when needed without allowing that user to do everything
> root can.
>
One cannot configure sudo such that one can "vi /etc/one_special_file"
but not "vi /etc/another_special_file".
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-list
mailing list